3aa5b0ddc537c0e07701f99809d5813bc5bab1e8bdafc8f87fe72bba82d754cf

Sharing

Copy URL Twitter E-mail

General

Target

3aa5b0ddc537c0e07701f99809d5813bc5bab1e8bdafc8f87fe72bba82d754cf
Size

3.6MB
MD5

889e0b02e255e22185f3b750ee11aa87
SHA1

2c8f3f38a3f630f50ed06cbb510e96f98efa20c8
SHA256

3aa5b0ddc537c0e07701f99809d5813bc5bab1e8bdafc8f87fe72bba82d754cf
SHA512

cd3f86cc381fa382a38505ec47739bae2608410091cae079e8c29d15a1c96366fea02d5e0b59a355325317a3a4b9de10e64ac055b1dc2bf2c50cc64910e55c0a
SSDEEP

98304:Lo7bm/mEI72koCVHWNrO1suQfgOQlyIniPsR:0HmuEqVoW2NrgsHwyIiER

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/drv/devcon.exe

Files

3aa5b0ddc537c0e07701f99809d5813bc5bab1e8bdafc8f87fe72bba82d754cf
.zip
UDisplay.exe
.exe windows:6 windows x86 arch:x86

eb51f2487f5e0558cd3f20345674a278

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

25/08/2023, 00:00

Not After

24/08/2024, 23:59

Subject

SERIALNUMBER=91440300MA5F58JQ2W,CN=Shenzhen Sage Iot Technology Co.\, Ltd.,O=Shenzhen Sage Iot Technology Co.\, Ltd.,ST=广东省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f2:15:57:b9:7c:82:5a:b0:6d:91:f5:6c:29:1d:b8:b9:c6:36:d2:1b:ec:d9:1f:ab:13:4f:92:a4:a5:37:4c:a9
Signer

Actual PE Digest

f2:15:57:b9:7c:82:5a:b0:6d:91:f5:6c:29:1d:b8:b9:c6:36:d2:1b:ec:d9:1f:ab:13:4f:92:a4:a5:37:4c:a9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
WriteConsoleW
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
GetFileType
SetStdHandle
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedPushEntrySList
RtlUnwind
SwitchToThread
GetModuleHandleExW
SetThreadErrorMode
GetFileAttributesW
FindNextFileW
FindFirstFileW
GetOverlappedResult
CreateThread
GetStartupInfoA
WriteProcessMemory
VirtualProtectEx
SetInformationJobObject
AssignProcessToJobObject
CreateJobObjectA
CreateProcessA
SetEnvironmentVariableA
CreatePipe
GetConsoleMode
CompareFileTime
FindNextFileA
SetConsoleTitleA
SetCurrentConsoleFontEx
GetCurrentConsoleFont
GetStdHandle
AllocConsole
GetDriveTypeA
GetLogicalDriveStringsA
DeviceIoControl
CreateDirectoryA
GetLocalTime
GetLocaleInfoEx
QueryPerformanceFrequency
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
RaiseException
OutputDebugStringW
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetConsoleOutputCP
GetFileAttributesExW
GetEnvironmentVariableA
GetCurrentDirectoryW
GetFullPathNameW
MoveFileExW
GetExitCodeProcess
CreateProcessW
CreateSemaphoreW
GetProcessAffinityMask
GetThreadPriority
LCMapStringEx
CompareStringEx
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
DeleteFileW
UnhandledExceptionFilter
InitializeSListHead
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetErrorMode
SetFileAttributesA
GetFileSizeEx
GetFileAttributesExA
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetUserDefaultLCID
GetTempFileNameA
GetFileTime
FindResourceExW
GetWindowsDirectoryA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
WideCharToMultiByte
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetTempPathA
SetFilePointer
SearchPathA
GetProfileIntA
GetTickCount64
VerifyVersionInfoA
VerSetConditionMask
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetACP
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
CreateSemaphoreA
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ReleaseSemaphore
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersionExA
GetCurrentThread
GetCurrentDirectoryA
GlobalReAlloc
GetFileSize
GetFileAttributesA
CreateFileA
lstrcpyA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
SetThreadPriority
GetCurrentThreadId
CreateEventA
SetEvent
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
lstrcmpA
SetLastError
CopyFileA
FormatMessageA
LocalFree
GlobalSize
GetModuleFileNameA
GetCurrentProcessId
GetSystemTime
ExitProcess
GetSystemDefaultLangID
GetProcAddress
LoadLibraryW
GetProcessHeap
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
OutputDebugStringA
HeapFree
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SuspendThread
WaitForSingleObject
ResumeThread
MulDiv
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
FindResourceA
Sleep
MultiByteToWideChar
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
WTSGetActiveConsoleSessionId

user32

GetSystemMetrics
DrawFrameControl
LoadCursorW
SetRectEmpty
InvalidateRect
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperBuffA
DrawIconEx
DrawFocusRect
GetSysColorBrush
DestroyMenu
LoadImageW
UpdateLayeredWindow
EnableScrollBar
UnionRect
SystemParametersInfoA
MonitorFromPoint
BringWindowToTop
LockWindowUpdate
GetMenuItemInfoA
MessageBeep
GetSystemMenu
LoadMenuW
IsRectEmpty
DestroyIcon
CopyImage
GetIconInfo
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
LoadImageA
ReleaseDC
GetDC
SetParent
SetCursor
FillRect
MonitorFromWindow
GetMonitorInfoA
OffsetRect
ScreenToClient
PtInRect
PostMessageA
EnableWindow
GetClientRect
ClientToScreen
WindowFromPoint
GetWindowRect
GetParent
SetTimer
KillTimer
SetCapture
ReleaseCapture
SetRect
LoadCursorA
RegisterHotKey
GetDesktopWindow
UnregisterClassA
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
GetCursorInfo
SetDisplayConfig
ChangeDisplaySettingsExA
EnumDisplaySettingsA
EnumDisplayDevicesA
wvsprintfW
DisplayConfigSetDeviceInfo
UpdateWindow
InflateRect
IsWindow
CopyRect
GetAsyncKeyState
SendMessageA
IntersectRect
CreatePopupMenu
AppendMenuA
GetCursorPos
GetWindow
SetWindowPos
GetKeyboardState
LoadMenuA
ToAscii
GetCapture
GetSysColor
GetSubMenu
DeleteMenu
LoadBitmapW
SetMenuItemBitmaps
InsertMenuA
ModifyMenuA
CheckMenuItem
EnableMenuItem
LoadIconA
SetForegroundWindow
IsWindowVisible
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
RemoveMenu
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemInfoA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
PostQuitMessage
PostThreadMessageA
WaitMessage
ShowOwnedPopups
GetKeyNameTextA
RealChildWindowFromPoint
MapDialogRect
CopyAcceleratorTableA
SetLayeredWindowAttributes
EnumDisplayMonitors
IsClipboardFormatAvailable
SetMenuDefaultItem
RegisterClipboardFormatA
SetClassLongA
GetKeyboardLayout
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
GetMenuDefaultItem
SetCursorPos
CopyIcon
FrameRect
GetComboBoxInfo
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
GetUpdateRect
GetDoubleClickTime
GetNextDlgGroupItem
DestroyCursor
EnumChildWindows
SetActiveWindow
UnhookWindowsHookEx
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
GetKeyState
ValidateRect
SetWindowsHookExA
CallNextHookEx
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgCtrlID
SetFocus
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetWindowTextLengthA
AdjustWindowRectEx
MapWindowPoints
EqualRect
SetWindowLongA
GetClassLongA
GetClassNameA
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
ShowWindow
MoveWindow
CreateMenu
GetWindowRgn
DrawIcon
IsCharLowerA
CharUpperA
IsZoomed
TrackMouseEvent
NotifyWinEvent
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
IsDialogMessageA
DestroyAcceleratorTable
SetWindowRgn
DrawEdge
MapVirtualKeyExA
HideCaret
InvertRect
MapVirtualKeyA

gdi32

CreateHatchBrush
CreateBitmap
GetTextMetricsA
PathToRegion
EndPath
AngleArc
BeginPath
CreateRoundRectRgn
FrameRgn
FillRgn
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetBitmapBits
GetPixel
GetDeviceCaps
Rectangle
CreateCompatibleBitmap
RoundRect
GetDIBColorTable
SetDIBColorTable
TextOutA
GetStockObject
SetTextColor
SetBkMode
StretchBlt
DeleteDC
BitBlt
SetStretchBltMode
SelectObject
CreateCompatibleDC
DeleteObject
CreateDIBSection
GetObjectA
GetTextExtentPoint32A
CreateFontA
MoveToEx
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreatePen
CopyMetaFileA
CreateDCA
PatBlt
CombineRgn
GetDIBits
RealizePalette
SetPixel
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateFontIndirectA
SetRectRgn
DPtoLP
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
OffsetRgn
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetWindowOrgEx
GetBoundsRect
PtInRegion
LPtoDP
GetViewportOrgEx
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceA
SetPixelV
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetBrushOrgEx
SetWorldTransform
ModifyWorldTransform
ScaleWindowExtEx
CreateDIBitmap

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

OpenSCManagerA
RegOpenKeyExA
RegEnumValueA
RegOpenKeyExW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
GetTokenInformation
CreateProcessAsUserA
RegCloseKey
OpenServiceA
QueryServiceConfigA
CloseServiceHandle
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExW
RegGetValueW
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA

shell32

SHCreateDirectoryExA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
ShellExecuteA
DragFinish
DragQueryFileA
SHAppBarMessage
Shell_NotifyIconGetRect
Shell_NotifyIconA
SHGetSpecialFolderPathA

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
ord12
PathFindExtensionA
PathFileExistsA

uxtheme

CloseThemeData
GetCurrentThemeName
OpenThemeData
GetThemePartSize
GetThemeColor
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
DrawThemeParentBackground
DrawThemeText
IsAppThemed
GetWindowTheme

ole32

OleCreateMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleLockRunning
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
OleDestroyMenuDescriptor

oleaut32

SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipSetSmoothingMode
GdipDrawImageRectI
GdipCreateSolidFill
GdipDeleteBrush
GdipCreatePen2
GdipDeletePen
GdipDrawLine
GdipCreateStringFormat
GdipDeleteStringFormat

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
WTSQuerySessionInformationA
WTSQueryUserToken
WTSFreeMemory

ws2_32

socket
closesocket
WSAStartup
ioctlsocket
inet_addr
setsockopt
listen
htons
connect
WSAGetLastError
select
recv
accept
bind
send

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

timeBeginPeriod
PlaySoundA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wininet

InternetGetConnectedState

dbghelp

MiniDumpWriteDump

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

setupapi

SetupDiGetDevicePropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceA

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

winhttp

WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpOpen
WinHttpCheckPlatform
WinHttpConnect
WinHttpReadData
WinHttpCloseHandle
WinHttpWriteData
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryDataAvailable

hid

HidD_FreePreparsedData
HidP_GetValueCaps
HidD_GetHidGuid
HidD_GetSerialNumberString
HidD_GetPreparsedData
HidP_GetCaps

urlmon

URLDownloadToFileA

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drv/SG_DISP_BUS.inf
drv/SG_DISP_BUS.sys
.sys windows:10 windows x64 arch:x64

d6bae5ebee3489365fd12fcf42a2dd77

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

25/08/2023, 00:00

Not After

24/08/2024, 23:59

Subject

SERIALNUMBER=91440300MA5F58JQ2W,CN=Shenzhen Sage Iot Technology Co.\, Ltd.,O=Shenzhen Sage Iot Technology Co.\, Ltd.,ST=广东省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:08:e2:33:7a:56:70:40:c0:d5:00:00:00:00:01:08
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/09/2023, 19:14

Not After

04/09/2024, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

af:b0:95:d3:27:80:40:a9:a4:94:6d:5e:73:85:43:02:16:95:3f:5f:c0:a7:9e:e5:61:e8:a5:63:16:71:b0:76
Signer

Actual PE Digest

af:b0:95:d3:27:80:40:a9:a4:94:6d:5e:73:85:43:02:16:95:3f:5f:c0:a7:9e:e5:61:e8:a5:63:16:71:b0:76

Digest Algorithm

sha256

PE Digest Matches

true

af:b0:95:d3:27:80:40:a9:a4:94:6d:5e:73:85:43:02:16:95:3f:5f:c0:a7:9e:e5:61:e8:a5:63:16:71:b0:76
Signer

Actual PE Digest

af:b0:95:d3:27:80:40:a9:a4:94:6d:5e:73:85:43:02:16:95:3f:5f:c0:a7:9e:e5:61:e8:a5:63:16:71:b0:76

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

RtlCopyUnicodeString
RtlInitUnicodeString
_vsnwprintf
DbgPrintEx

wdfldr.sys

WdfVersionUnbindClass
WdfVersionBindClass
WdfVersionUnbind
WdfLdrQueryInterface
WdfVersionBind

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 562B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drv/SG_DISP_DRV.dll
.dll windows:10 windows x64 arch:x64

3e100dd03578d2785a0b27fc7440826a

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

25/08/2023, 00:00

Not After

24/08/2024, 23:59

Subject

SERIALNUMBER=91440300MA5F58JQ2W,CN=Shenzhen Sage Iot Technology Co.\, Ltd.,O=Shenzhen Sage Iot Technology Co.\, Ltd.,ST=广东省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ee:91:a3:50:06:d2:19:3c:27:c7:0b:d5:93:54:e7:b1:c9:0b:0f:8f:5c:76:89:66:0a:57:b3:68:28:92:c5:2f
Signer

Actual PE Digest

ee:91:a3:50:06:d2:19:3c:27:c7:0b:d5:93:54:e7:b1:c9:0b:0f:8f:5c:76:89:66:0a:57:b3:68:28:92:c5:2f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

avrt

AvSetMmThreadCharacteristicsA
AvRevertMmThreadCharacteristics

ntdll

RtlPcToFileHeader
RtlUnwindEx
RtlUnwind
DbgPrintEx

kernel32

QueryPerformanceCounter
Sleep
InitializeCriticalSectionEx
DeleteCriticalSection
GetTickCount64
CreateDirectoryA
GetLocalTime
EncodePointer
CloseHandle
SetEvent
WaitForSingleObject
CreateEventA
CreateEventW
WaitForMultipleObjects
CreateThread
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
QueryPerformanceFrequency
SetLastError
GetLastError
InterlockedFlushSList
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter

advapi32

RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
TraceMessage

wpprecorderum

WppAutoLogTrace
WppAutoLogStop
WppAutoLogStart

ole32

CoCreateGuid

dxgi

CreateDXGIFactory2

d3d11

D3D11CreateDevice

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fwrite
_fsopen
fflush

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
abort
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate

api-ms-win-crt-heap-l1-1-0

calloc
_callnewh
free
malloc

api-ms-win-crt-string-l1-1-0

strcpy_s

Exports

Exports

FxDriverEntryUm

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drv/SG_DISP_DRV.inf
drv/devcon.exe
.exe windows:10 windows x64 arch:x64

0baa2d4e550dc24f554ab947efabf698

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW
InitiateSystemShutdownExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
CloseServiceHandle

kernel32

GetCurrentProcess
lstrlenW
FormatMessageW
GetLastError
CloseHandle
LocalFree
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
FreeLibrary
GetDateFormatW
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
GetFileAttributesW
GetWindowsDirectoryW
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep

msvcrt

?terminate@@YAXXZ
_commode
_fmode
__C_specific_handler
__setusermatherr
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
memset
__iob_func
_initterm
_XcptFilter
free
_callnewh
malloc
wprintf
towupper
wcsrchr
_wcsnicmp
fputs
wcschr
iswalpha
fputws
_wcsicmp
towlower

ole32

CLSIDFromString

setupapi

SetupDiClassNameFromGuidExW
SetupCopyOEMInfW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Connect_MachineW
SetupDiSetClassInstallParamsW
CM_Locate_DevNode_ExW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
SetupDiSetDeviceRegistryPropertyW
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
CM_Free_Log_Conf_Handle
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
CM_Free_Res_Des_Handle
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiClassGuidsFromNameExW
CM_Get_Device_ID_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupScanFileQueueW
SetupDiGetClassDescriptionExW
SetupOpenFileQueue
CM_Get_Next_Res_Des_Ex
CM_Get_DevNode_Status_Ex
SetupCloseInfFile
CM_Get_Res_Des_Data_Ex
SetupDiOpenDevRegKey
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
CM_Get_First_Log_Conf_Ex
SetupDiGetDriverInfoDetailW
CM_Get_Res_Des_Data_Size_Ex
SetupDiBuildDriverInfoList
SetupGetStringFieldW
SetupDiCallClassInstaller

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drv/runas.vbs
.vbs
drv/sg_disp_bus.cat
drv/sg_disp_drv.cat

Sharing

General

Malware Config

Signatures

Files

eb51f2487f5e0558cd3f20345674a278

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

f2:15:57:b9:7c:82:5a:b0:6d:91:f5:6c:29:1d:b8:b9:c6:36:d2:1b:ec:d9:1f:ab:13:4f:92:a4:a5:37:4c:a9Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

wtsapi32

ws2_32

oleacc

imm32

winmm

version

wininet

dbghelp

d3d11

dxgi

setupapi

userenv

winhttp

hid

urlmon

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 753KB - Virtual size: 753KB

.data Size: 41KB - Virtual size: 1.0MB

.rsrc Size: 2.1MB - Virtual size: 2.1MB

.reloc Size: 228KB - Virtual size: 228KB

d6bae5ebee3489365fd12fcf42a2dd77

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

33:00:00:01:08:e2:33:7a:56:70:40:c0:d5:00:00:00:00:01:08Certificate

Extended Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

f2:15:57:b9:7c:82:5a:b0:6d:91:f5:6c:29:1d:b8:b9:c6:36:d2:1b:ec:d9:1f:ab:13:4f:92:a4:a5:37:4c:a9
Signer

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 753KB - Virtual size: 753KB

.data
Size: 41KB - Virtual size: 1.0MB

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

.reloc
Size: 228KB - Virtual size: 228KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

33:00:00:01:08:e2:33:7a:56:70:40:c0:d5:00:00:00:00:01:08
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

af:b0:95:d3:27:80:40:a9:a4:94:6d:5e:73:85:43:02:16:95:3f:5f:c0:a7:9e:e5:61:e8:a5:63:16:71:b0:76
Signer

af:b0:95:d3:27:80:40:a9:a4:94:6d:5e:73:85:43:02:16:95:3f:5f:c0:a7:9e:e5:61:e8:a5:63:16:71:b0:76
Signer

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 760B

.pdata
Size: 512B - Virtual size: 216B

PAGE
Size: 512B - Virtual size: 474B

INIT
Size: 1024B - Virtual size: 562B

.reloc
Size: 512B - Virtual size: 56B

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

63:b0:e3:25:8f:25:f1:4e:9a:1f:e3:53:2f:a8:cd:f7
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

ee:91:a3:50:06:d2:19:3c:27:c7:0b:d5:93:54:e7:b1:c9:0b:0f:8f:5c:76:89:66:0a:57:b3:68:28:92:c5:2f
Signer

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 512B - Virtual size: 512B

.reloc
Size: 512B - Virtual size: 376B